cade 0 Report post Posted May 12, 2008 aku ada website yg berfungsi ngan http jer.....tp ada plak satu page yg aku rasa memerlukan extra security... so aku ingt nk pakai https? Aku harap otai2 bole la guide aku utk setup benda alah nih....jgn cakap terlalu general. Kang ilmu sesat plak yg aku warisi.... Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 12, 2008 Soalan masih generel lagi tu bro, cuba spesific lai. Part mana yg tak paham. nak install ke? nak configure ke? nak running?kalo nak install.. aku suggest install openSSL http://www.openssl.org/source/ (open source) pastu webserver kalo pki Apache, kena configure balik la apache tuh.# ./configure --enable-sslkalo nak guna utk localhost, dah leh test dah ssl guna skrip kat bawah, tapi kalo nak guna dlm LAN ke? atau Internet ke, kena la open port 443 kat firewall server tu. # iptables -A INPUT -i eth0 --protocol udp --source-port 443 -j ACCEPT# iptables -A INPUT -i eth0 --protocol tcp --source-port 443 -j ACCEPT# iptables -A OUTPUT -o eth0 --protocol udp --destination-port 443 -j ACCEPT# iptables -A OUTPUT -o eth0 --protocol tcp --destination-port 443 -j ACCEPTPastu buat port forward dari gateway/router ke serverPastu dah leh test guna php.<?php if($_SERVER['HTTPS']) echo 'https is ON'; ?>Optional:Kalo nak accept user dari internet for online payment kena install cert.. Kalo dlm satu server guna bnyk domain, edit httpd.conf kat vhost. configure cert tu bagi setiap vhostDah siap! guide tu secara general je, boleh jadi tak sesuai dengan network ko. sbb tu kena spesific lagi soalan.. server pakai Windows/Linux? gateway internet pakai server box atau router blackbox. sbb kalau pakai server box linux nak port forward dia lain cara dia, kalau gateway pakai router kotak yg TMnet bagi tu plak lain cara dia. pastu kena tengok plak brand apa router tu. lain brand lain cara nak forward.. uhuhu.. Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 13, 2008 # iptables -A INPUT -i eth0 --protocol udp --source-port 443 -j ACCEPT # iptables -A INPUT -i eth0 --protocol tcp --source-port 443 -j ACCEPT # iptables -A OUTPUT -o eth0 --protocol udp --destination-port 443 -j ACCEPT # iptables -A OUTPUT -o eth0 --protocol tcp --destination-port 443 -j ACCEPTbro, yg ni nk run camna eh?Aku guna windows dgn WAMP jer...sbb nk bt development masa tuh....(ni kat pc aku la)So skrg aku ada website yg host kat linux, aku cume leh pakai cpanel jer utk administer hosting aku tuh....So camna aku nk open port 443 tuh kalo aku host guner shared hosting camnih?Ada idea x? Aiyah... nk install cert tuh camner eh? Aku reti development basic PHP jer...nk configure PHP ni pon terhegeh2....Tp senario aku mcm aku terang kat atas.. So ada certain part aku kena gune https utk antar sensitive info.....so kat situ la kesedaran tu timbulps: ko nih mmg experience. Kalo leh include skali url yg best kat aku skali ye sifoo Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 13, 2008 since ko pakai windows, command iptables tu ko abaikan... yg tu utk firewall dlm linux . huhuKalo ko pakai WAMP aku suggest ko cari WAMP yg suppot SSL. Ko check tengok kat sini http://en.wikipedia.org/wiki/Comparison_of_WAMPsXAMPP pun popular gak.http://www.apachefriends.org/en/xampp-windows.htmlKo nak install satu-satu ke or guna package? Kalo ko lebih selesa guna package pasang siap macam XAMPP senang sikit, tapi kalo ko nak install satu-satu.. payah sikit la keje, kena download source Apache + PHP + OpenSSL pastu kena download gcc utk Windows pastu compile & config satu-satu.. since ko dah pakai Windows, aku suggest ko pakai je yg pakej pasang siap utk tidak memeningkan kepada ko. pastu cert tu takyah instal dalam development server pun takpe, janji SSL jalan cukup. ko kata pakai Cpanel kat server lain kan? cert tu ko kena install under account Cpanel ko, contact ngan admin server soh dia install cert.. biasanya diorang akan kenakan charge/fees bulan-bulan.camner bro.. ok tak...? huhups: sifo tu takde ar... tapi pengalaman tu ade la sket2.. Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 14, 2008 owh...siap ada charge plak eh...biler dorang da instal cert tu kat cpanel, maknanye da bole pakai https? Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 14, 2008 ekceli kalo ko taknak beli cert lagi pun takpe, ko leh test dulu guna shared SSL. Shared SSL biasanya free. ko kongsi dengan user-user lain dalam server tu. cumanya ko terpaksa pakai URL macam ni:https://www.webhosting.com/~cade/index.php <-- yg ni shared SSLkalo nak pakai special utk ko... ko kena beli private SSLhttps://www.cade.com <-- Private SSLmostly web hosting dah install dah SSL tinggal nak enablekan kan je.. Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 14, 2008 eh sori2....aku mmg da ada domain http://www.cade.comkalo camtu ko tunjuk camna la nk enable tuh Quote Share this post Link to post Share on other sites
ejoe 0 Report post Posted May 14, 2008 just webhosting ko yg bleh enable... Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 14, 2008 Web Hosting company ko skang ni ada talian sokongan pelanggan (support) tak? kalau ade, kena contact la diorang, cakap saya nak apply SSL cert utk domain http://www.cade.com. Quote Share this post Link to post Share on other sites
ejoe 0 Report post Posted May 14, 2008 wah sampai detail camtu sekali penerangan ko berry kekekep/s pastikan anda sediakan sedikit RM untuk dibuat bayaran apply SSL huhu Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 14, 2008 huhuhu.. aku ingat memula dia kata nak install kat server. tu yg siap kluar iptables, firewall semua tu.. last-last nak install kat cpanel.. ya.. ya betul cakap ejoe, sediakan sedikit RM untuk bayaran SSL, semua kerja akan dilakukan oleh pihak hosting. pendek kata ada duit semua jalan.. Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 14, 2008 hehehe....aku mana la paham benda ssl nih...benda ni baru giler la kat aku... korang gelakkan budak baru blajar plak skrg nih kalo da enable nk kena buat apa lg? Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 14, 2008 kalo nk setup kat localhost camna eh? Aku guner wamp 2.2.8 jer....search kat web tp ada maslah plak.... Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 14, 2008 (edited) WampServer include skali dengan OpenSSL tak? kalo wamp 2.2.8 tu dah siap dengan openssl, ko edit je httpd.conf pastu masukkan;module ssl_module.socuba ko baca kat topik ni: http://www.wampserver.com/phorum/read.php?2,32986,page=1kat situ siap dia ajar camner nak install cert kat dalam httpd-ssl.conf cuba dulu bro, kalo jadi kasi bagitau kat sini.. aku tak biasa guna pakej.. biasa install satu-satu pastu compile manual. maybe yg biasa pakai wamp ni leh ar share kat sini. Edited May 14, 2008 by rasberry Quote Share this post Link to post Share on other sites
cade 0 Report post Posted May 15, 2008 tutorial nih aku da cuba...tp aku fail plak....wahahaha....ok skrg nih, ko ada website yg configure sumer tuh manually tak? tunjuk cara satu2 Quote Share this post Link to post Share on other sites
rasberry 0 Report post Posted May 16, 2008 (edited) bro.... jarang org compile apache kat windows. aku cari gak tutorial kat net tapi tak jumpa, dr compile kat windows baik org compile terus kat linux... aku nak wat tutorial pun tak brp pandai lagi.., tapi aku leh kasi general guideline . Mula2 ko download dulu gcc compiler utk Windows. Gcc ni leh guna utk compile Apache. http://sourceforge.net/projects/gcw/Pastu ko download Apache source. cari yg source punya bukan binary. kalau binary dia dah siap compile utk ko. ko biasa compile software under linux tak? sbb nak compile guna gcc ni kena tau camner nak configure pakej pastu build (make) ke binary n ko kena study camner nak guna gcc. tutorial cari kat google. kalo ko dah ada Microsoft Visual, ko leh gak pakai C++ compiler. tupun kalo ko biasa wat software utk windows la.. http://httpd.apache.org/docs/2.0/platform/win_compiling.htmlkalo ko nak compile pki gcc pun boleh.. http://httpd.apache.org/docs/2.0/install.html. aku rekemen pakai gcc lagi senang ..huhumcm aku ckp sebelum ni, kalo ko tak biasa ko guna je benda yg dah siap. susah-susah sangat ko pki je XAMPP. tak pun pki Apache2Triad dia siap skali OpenSSL ngan mod_ssl. jgn pening-pening kapla bro.. nak includekan ssl kat wamp 2.2 pun ko dah pening inikan pulak nak compile satu-satu.. huhu.. takpe bro, slow2 blaja.. blajar dulu compile Apache, pastu leh gerak gi mysql, php, ssl lak. aku pun dulu sampai bengkak2 mata nak bwt benda ni. hohoho Edited May 16, 2008 by rasberry Quote Share this post Link to post Share on other sites
